Jump to content


Photo
- - - - -

Does AirVPN validate its certs properly in the connection process?

certs connection VPN MiTM sysadmin

  • Please log in to reply
2 replies to this topic

#1 greenclaydog

greenclaydog

    Advanced Member

  • Members
  • PipPipPip
  • 254 posts

Posted 27 October 2016 - 04:20 PM

Is AirVPN vulnerable to a MiTM attack by sysadmins looking to throttle their clients? According to  http://security.stackexchange.com/questions/53444/vpns-vulnerable-to-mitm-because-any-certificate-goes OpenVPN does not validate that the cert is correct, thus making it possible for ISPs, sysadmins etc, to trick the client to use a fake cert so they may monitor the connections contents. Is AirVPN safe from this?



#2 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7796 posts

Posted 27 October 2016 - 05:01 PM

Is AirVPN vulnerable to a MiTM attack by sysadmins looking to throttle their clients?

 

No.

 

According to  http://security.stackexchange.com/questions/53444/vpns-vulnerable-to-mitm-because-any-certificate-goes OpenVPN does not validate that the cert is correct, thus making it possible for ISPs, sysadmins etc, to trick the client to use a fake cert so they may monitor the connections contents. Is AirVPN safe from this?

 

Safe. Frankly, we don't even know whether VPN services without client-side certificate validation exist. Probably not but if you find them, avoid them at all costs.

 

The only way to break the trust is suggested in the thread you linked and requires a compromised system, just like you would do with HTTPS. Any security consideration and audit must start from a non-compromised system, obviously.

 

Kind regards



#3 LZ1

LZ1

    It's nice to be nice to nice people

  • Moderators
  • 1953 posts

Posted 27 October 2016 - 05:49 PM

Hello!

 

If Airs site was vulnerable to like so, it would totally ruin Airs Christmas!

 

You can also check the specs, if you haven't :).

 

Welcome to AirVPN.


Hi there, are you new to AirVPN? Many of your questions are already answered in this guide. Its Guides Section has guides on Linux/Torrenting/Blocked sites & many other topics too.
Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please read the First Questions section in the link above for more details, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Tired of Windows? Why Linux Is Better.





Similar Topics Collapse


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 14129 - BW: 52342 Mbit/sYour IP: 54.197.24.206Guest Access.